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DETAILED ACTION 

1 . This Office Action is taken in response to Board of Patent Appeals and 
Interferences (BPAI) decision rendered on June 1 1 , 2009 regarding application 
09/825,905 filed on April 4, 2001 . 

EXAMINER'S AMENDMENT 

2. An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

3. Authorization for this examiner's amendment was given in a telephone interview 
with Jaison John (Reg. No. 50,737) and Nathan Black on 09/21/2009. 

This Examiner's Answer is based on Applicants' claims filed on 12/12/2005. 
Please amend independent claims 1,7,11,15,19 and 24, as well as dependent claims 
5, 10, 14, 18 and 22 of this application as shown below: 

4. Dependent Claims 5, 10, 14, 18 and 22 are now cancelled 

5. Claim 1 is now amended to be: 

1. (Currently Amended) A method for providing security in a computer system, 
comprising: 

controlling access to selected information using attributes defined in a first table; 
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controlling access to the selected information using a second table that 
associates at least one of a read and write privilege with one or more 
physical addresses of a memory that houses the selected information; 

receiving a request from a program to access the information; and 

allowing access to the information in response to determining that the program 
has the authority to access the information based on at least one of the 
read and write privilege ; and 

wherein the selected information is at least one of interrupt descriptor table, 

global descriptor table, and local descriptor table . 



6. Claim 7 is now amended to be: 

7. (Currently Amended) A method for providing security, comprising: 

writing to at least one register to define a privileged memory region; 

defining at least one computer instruction as a privileged instruction, wherein the 

privileged instruction is resident in the privileged memory region; 
identifying information for protection; 

indicating at least one physical address of a memory that houses the information 

as at least one of read and write disabled; and 
controlling the access to the information using the privileged instruction ; and 
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wherein the protected information is at least one of interrupt descriptor table, 
global descriptor table, and local descriptor table . 

7. Claim 11 is now amended to be: 

1 1 . (Currently Amended) A computer readable program storage device encoded with 
instructions that, when executed by a computer, performs a method of providing 
security, comprising: 

protecting selected information using a first level of security specifying access 

privileges to the selected information; 
protecting the information using a second level of security that associates at least 
one of a read and write privilege with one or more physical addresses of a 
memory that houses the selected information; 
receiving a request from a program to access the selected information; and 
accessing the information in response to determining that the program has the 
authority to access the selected information based at least on the second 
security level ; and 

wherein the selected information is at least one of interrupt descriptor table, 
global descriptor table, and local descriptor table . 

8. Claim 15 is now amended to be: 

1 5. (Currently Amended) An apparatus, comprising: 
a memory comprising: 
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a first level of protection specifying access privileges for selected information; 
and 

a privileged code, the privileged code capable of: 

protecting access to the selected information based on a second level of 
protection in which at least one of a read and write privilege is 
associated with the physical address of a memory housing the 
information; 

receiving a request from a program to access the information; and 
allowing access to the information in response to determining that the 
program has the authority to access the information based on at 
least one of the read and write privilege , wherein the selected 
information is at least one of interrupt descriptor table, global 
descriptor table, and local descriptor table . 

9. Claim 19 is now amended to be: 

19. (Currently Amended) A system, comprising: 
a processor; and 

a memory coupled to the processor, the memory comprising: 
a table specifying access privileges for selected information; and 
a privileged code capable of: 

protecting access to the selected information based a second table 
specifying association of at least one of a read and write privilege 
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with at least one physical address of a memory housing the 
information; 

receiving a request from a program to access the information; and 
allowing access to the information in response to determining that the 
program has the authority to access the information based on at 
least one of the read and write privilege , wherein the selected 
information is at least one of interrupt descriptor table, global 
descriptor table, and local descriptor table . 



10. Claim 24 is now amended to be: 

24. (Currently Amended) An apparatus for providing security, comprising: 

means for providing a first table of at least write protection for selected 
information; 

means for providing a second table of at least one of read and write protection for 
the selected information associated with one or more physical addresses 
of a memory that houses the selected information; 

means for receiving a request from a program to access the information; and 
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means for allowing access to the information in response to determining that the 
program has the authority to access the information based on at least the first 
and second tables , wherein the selected information is at least one of interrupt 
descriptor table, global descriptor table, and local descriptor table . 

Allowable Subject Matter 

1 1 . Claims 1 -4, 6-9, 11-13,1 5-1 7, 1 9-21 and 23-24 are allowed. 

Reasons for Allowable 

12. The reasons for allowance are provided below: 

Refer to BPAI's decision mailed on June 1 1 , 2009 for details. 

Examiner's Comments 

13. Further information regarding Interrupt Descriptor Table (IDT), Global Descriptor 
Table (GDT) and Local Descriptor Table (LDT) is provided on page 9, lines 11-18 of 
Applicants' Specification as well as Figure 2 filed on 4/4/2001 . 

Conclusion 

14. Claims 1-4, 6-9, 11-13, 15-17, 19-21 and 23-24 are allowed. 

15. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Sheng-Jen Tsai whose telephone number is 571-272- 
4244. The examiner can normally be reached on 8:30 - 5:00. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Matthew Kim can be reached on 571-272-4182. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 

Patent Application Information Retrieval (PAIR) system. Status information for 

published applications may be obtained from either Private PAIR or Public PAIR. 

Status information for unpublished applications is available through Private PAIR only. 

For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 

you have questions on access to the Private PAIR system, contact the Electronic 

Business Center (EBC) at 866-217-9197 (toll-free). 

/Sheng-Jen Tsai/ 

Primary Examiner, Art Unit 2186 

September 22, 2009 



